package com.app.backend.base.controller;

import com.app.backend.common.annotation.InvokeLog;
import com.app.backend.base.entity.User;
import com.app.backend.common.response.BaseResponse;
import com.app.backend.common.response.ResponseCode;
import com.app.backend.common.service.RedisValueService;
import com.app.backend.common.utils.RandomUtil;
import com.app.backend.common.utils.RequestIpUtil;
import com.app.backend.common.utils.SM4Utils;
import io.swagger.annotations.Api;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cache.annotation.CacheConfig;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;

import static com.app.backend.common.response.ResponseCode.SUCCESS;
import static com.app.backend.common.response.ResponseCode.SYSTEM_ERROR;

/**
 * @program: LoginController
 * @description:
 * @author: Zhun.Xiao
 * @create: 2020-02-09 21:00
 **/


@Slf4j
@RestController
@Api(value = "登录相关接口")
@RequestMapping(value = "/api/v1/sys/login")
@CacheConfig(cacheNames = "user")
public class LoginController {


    @Autowired
    private RedisValueService redisValueService;


    /**
     * @api {post} /api/v1/sys/login/key 获取秘钥
     * @apiversion 1.0.0
     * @apiDescription 调用接口必须先获取秘钥
     * @apiName key
     * @apiGroup login
     */
    @InvokeLog(description = "获取秘钥", persistence = true)
    @PostMapping(value = "/key")
    public BaseResponse login(HttpServletRequest request) {
        BaseResponse response = new BaseResponse();
        try {

            String tokenKey = RandomUtil.getHexRandomString(32);
            String iv = RandomUtil.getRandomString(16);
            String userKey = RandomUtil.getRandomString(6);
            redisValueService.set("app:loginKey:" + userKey.toUpperCase(), tokenKey, 5);
            redisValueService.set("bcp:iv:" + userKey.toUpperCase(), iv, 5);
            response.setData(new HashMap<String, String>() {{
                put("userKey", userKey);
                put("tokenKey", tokenKey);
                put("iv", iv);
            }});
        } catch (Exception e) {
            e.printStackTrace();
            log.error(e.toString());
            response.setCode(ResponseCode.NO_KEY);
        } finally {
            return response;
        }

    }


    @InvokeLog(description = "用户登录", persistence = true)
    @PostMapping(value = "/login")
    public BaseResponse login(@RequestBody User user, HttpServletRequest request) throws Exception {
        log.info("userNo 为 {} 的用户，进入 login...", user.getUserno());
        BaseResponse response = new BaseResponse();
        String ip = RequestIpUtil.getIpAddr(request);

        try {
            //用户登录信息校验
            response = user.validate();
            if (!response.getCode().equals(SUCCESS)) {
                log.error(response.toString());
                return response;
            }

            String tokenKey = null; // todo 获取redis存储的秘钥
            String iv = null;
            // 前端传入的加密密码解密
            //使用sm4解密密码
            SM4Utils sm4Utils = new SM4Utils();
            sm4Utils.setIv(iv);
            sm4Utils.setSecretKey(tokenKey);
            String pwd = sm4Utils.decryptData_CBC(user.getPassword());
            //根据userName获取用户信息
            //todo 用户密码校验
            //todo 获取用户对应权限信息

            return response;

        } catch (Exception e) {
            response.setCode(SYSTEM_ERROR);
            e.printStackTrace();
            log.error(e.toString());
        } finally {
            return response;
        }

    }


}